NSA Is Writing Security Code For Android

July 10, 2013

The openness of Android has always been a blessing and a curse. It’s a blessing because anybody can do what they want with it, but that openness means far more instances of malware and hacking. Now the NSA is reportedly embracing the openness of Android for security purposes.

Bloomberg reports that the NSA has been developing code for Android since 2011. The code, officially called Security Enhancements for Android, will be used to combat malicious apps that aim to steal data from Android handsets. The agency says that it hopes to include the code in all Android devices going forward, including phones, tablets, televisions and cars.

You can probably already see where this is going. People are going to be wary of any additions to Android from the NSA in light of the recent leaks that say the agency is working with tech companies, including Google, to collect data on foreign threats and Americans that just happen to be in the way. In fact, the addition may just drive people away from Android to Apple as the company affirms that it “does not accept source code from any government agencies for any of our operating systems.”

What’s interesting about all of this is that the NSA’s Android project may just be what they say it is – security enhancements. For one, you can review all of Android’s source code, including what the NSA added, over at Google’s source code page. If the code contained spy software, they probably wouldn’t outright publish the source code.

More importantly, the NSA has already done something like this before. The agency introduced a similar program into Linux years ago with what it called Security-Enhanced Linux. The Linux Foundation says that the NSA’s contributions to the source code didn’t contain “any obvious means of eavesdropping,” but rather seems dedicated to enhancing security.

So, what’s the deal? Just like Linux before it, Android will be increasingly used by government agencies going forward. The government wants to protect data stored on these devices, and needs custom security software to ensure said data stays encrypted and out of the wrong hands.